<?php
namespace app\common;
use core\JsonInfo;
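/**
 * Request filter guarding the admin area: it requires a logged-in session
 * user and then checks the requested URI against that user's URL list.
 */
class LoginFilter{
	/**
	 * Filter entry point. Returning true lets the request through; any other
	 * result makes the framework stop processing the request.
	 *
	 * @param object $request  request wrapper; must provide getSession() and getRequestURI()
	 * @param object $response response wrapper; must provide redirect()
	 * @return bool true when the request may proceed
	 */
	public function doFilter($request,$response){
		$user = $request->getSession('user');
		if(empty($user)){
			// No authenticated user in the session: send the client to the login page.
			$response->redirect('/admin/user/login');
			return false;
		}
		$uri = $request->getRequestURI();
		return self::isAuth($uri,true,$user);
	}

	/**
	 * Decide whether the user may access $uri.
	 *
	 * $user->urls is searched for ",<uri>,"; a match DENIES access.
	 * NOTE(review): this makes the list behave as a denylist, so every URI
	 * that is not listed is allowed. Confirm that is the intended model; an
	 * allowlist would fail closed for routes nobody remembered to list.
	 * NOTE(review): the comparison is an exact string match. If $uri can carry
	 * a query string, a trailing slash or different letter case, normalise it
	 * before calling so that a listed route cannot be missed.
	 *
	 * @param string      $uri    request URI to check
	 * @param bool        $isEcho when true, print a denial message (JSON for POST, HTML otherwise)
	 * @param object|null $user   user object exposing ->urls; falls back to $_SESSION['user']
	 * @return bool true when access is allowed, false when it is denied
	 */
	public static function isAuth($uri,$isEcho=false,$user=null){
		if(empty($user)){
			$user = isset($_SESSION['user']) ? $_SESSION['user'] : null;
		}
		$hasUser = !empty($user);
		$urls = (is_object($user) && isset($user->urls)) ? (string)$user->urls : '';

		// Fail closed: without a user there is nothing to authorise. Previously a
		// missing user produced a null property read and the check returned true.
		if($hasUser && strpos($urls,','.$uri.',')===false){
			return true;
		}

		// Denied. The original concatenated an undefined $method to the verb;
		// that always evaluated to the bare lower-cased verb, compared here directly.
		$verb = isset($_SERVER['REQUEST_METHOD']) ? strtolower($_SERVER['REQUEST_METHOD']) : '';
		if($isEcho){
			if($verb==='post'){
				// POST requests receive a JSON body.
				// NOTE(review): no status code or Content-Type is set here, so the
				// denial is sent with the response defaults — confirm clients rely on the body.
				$info = new JsonInfo();
				$info->success= false;
				$info->msg = '权限不足，请联系相关人员进行授权！';
				print(json_encode($info));
			}else{
				// Ordinary (non-POST) request: render a static HTML notice.
				echo '<div style="padding:20px;text-align:\'center\'" align="center">权限不足，请联系相关人员进行授权！</div>';
			}
		}
		return false;
	}
}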